cups/cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch
Johannes Meixner 47c00b7174 Accepting request 96966 from home:elvigia:branches:Printing
- Update systemd patch, Bind to datagram socket as well 
in systemd cups.socket unit file, to prevent that port being 
stolen by another service (from RH).
- There is no need to use -fno-strict-aliasing in cflags any longer.

OBS-URL: https://build.opensuse.org/request/show/96966
OBS-URL: https://build.opensuse.org/package/show/Printing/cups?expand=0&rev=231
2011-12-20 09:35:50 +00:00

520 lines
13 KiB
Diff

--- config.h.in.orig
+++ config.h.in
@@ -496,6 +496,13 @@
/*
+ * Do we have systemd support?
+ */
+
+#undef HAVE_SYSTEMD
+
+
+/*
* Various scripting languages...
*/
--- /dev/null
+++ config-scripts/cups-systemd.m4
@@ -0,0 +1,36 @@
+dnl
+dnl "$Id$"
+dnl
+dnl systemd stuff for CUPS.
+
+dnl Find whether systemd is available
+
+SDLIBS=""
+AC_ARG_WITH([systemdsystemunitdir],
+ AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
+ [], [with_systemdsystemunitdir=$($PKGCONFIG --variable=systemdsystemunitdir systemd)])
+if test "x$with_systemdsystemunitdir" != xno; then
+ AC_MSG_CHECKING(for libsystemd-daemon)
+ if $PKGCONFIG --exists libsystemd-daemon; then
+ AC_MSG_RESULT(yes)
+ SDCFLAGS=`$PKGCONFIG --cflags libsystemd-daemon`
+ SDLIBS=`$PKGCONFIG --libs libsystemd-daemon`
+ AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])
+ AC_DEFINE(HAVE_SYSTEMD)
+ else
+ AC_MSG_RESULT(no)
+ fi
+fi
+
+if test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ; then
+ SYSTEMD_UNITS="cups.service cups.socket cups.path"
+else
+ SYSTEMD_UNITS=""
+fi
+
+AC_SUBST(SYSTEMD_UNITS)
+AC_SUBST(SDLIBS)
+
+dnl
+dnl "$Id$"
+dnl
--- configure.in.orig
+++ configure.in
@@ -37,6 +37,7 @@ sinclude(config-scripts/cups-pam.m4)
sinclude(config-scripts/cups-largefile.m4)
sinclude(config-scripts/cups-dnssd.m4)
sinclude(config-scripts/cups-launchd.m4)
+sinclude(config-scripts/cups-systemd.m4)
sinclude(config-scripts/cups-defaults.m4)
sinclude(config-scripts/cups-pdf.m4)
sinclude(config-scripts/cups-scripting.m4)
@@ -71,6 +72,9 @@ AC_OUTPUT(Makedefs
conf/snmp.conf
cups-config
data/testprint
+ data/cups.service
+ data/cups.socket
+ data/cups.path
desktop/cups.desktop
doc/help/ref-cupsd-conf.html
doc/help/standard.html
--- cups/usersys.c.orig
+++ cups/usersys.c
@@ -750,7 +750,7 @@ cups_read_client_conf(
struct stat sockinfo; /* Domain socket information */
if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
- (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
+ (sockinfo.st_mode & (S_IROTH | S_IWOTH)) == (S_IROTH | S_IWOTH))
cups_server = CUPS_DEFAULT_DOMAINSOCKET;
else
#endif /* CUPS_DEFAULT_DOMAINSOCKET */
--- /dev/null
+++ data/cups.path.in
@@ -0,0 +1,8 @@
+[Unit]
+Description=CUPS Printer Service Spool
+
+[Path]
+PathExistsGlob=@CUPS_REQUESTS@/d*
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+++ data/cups.service.in
@@ -0,0 +1,9 @@
+[Unit]
+Description=CUPS Printing Service
+
+[Service]
+ExecStart=@sbindir@/cupsd -f
+
+[Install]
+Also=cups.socket cups.path
+WantedBy=printer.target
--- /dev/null
+++ data/cups.socket.in
@@ -0,0 +1,11 @@
+[Unit]
+Description=CUPS Printing Service Sockets
+
+[Socket]
+ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@
+ListenStream=631
+ListenDatagram=0.0.0.0:631
+BindIPv6Only=ipv6-only
+
+[Install]
+WantedBy=sockets.target
--- data/Makefile.orig
+++ data/Makefile
@@ -112,6 +112,12 @@ install-data:
$(INSTALL_DATA) $$file $(DATADIR)/ppdc; \
done
$(INSTALL_DIR) -m 755 $(DATADIR)/profiles
+ if test "x$(SYSTEMD_UNITS)" != "x" ; then \
+ $(INSTALL_DIR) -m 755 $(SYSTEMDUNITDIR); \
+ for file in $(SYSTEMD_UNITS); do \
+ $(INSTALL_DATA) $$file $(SYSTEMDUNITDIR); \
+ done; \
+ fi
#
@@ -159,6 +165,9 @@ uninstall:
-$(RMDIR) $(DATADIR)/charsets
-$(RMDIR) $(DATADIR)/banners
-$(RMDIR) $(DATADIR)
+ for file in $(SYSTEMD_UNITS); do \
+ $(RM) $(SYSTEMDUNITDIR)/$$file; \
+ done
#
--- Makedefs.in.orig
+++ Makedefs.in
@@ -143,6 +143,7 @@ CXXFLAGS = @CPPFLAGS@ @CXXFLAGS@
CXXLIBS = @CXXLIBS@
DBUS_NOTIFIER = @DBUS_NOTIFIER@
DBUS_NOTIFIERLIBS = @DBUS_NOTIFIERLIBS@
+SYSTEMD_UNITS = @SYSTEMD_UNITS@
DNSSD_BACKEND = @DNSSD_BACKEND@
DSOFLAGS = -L../cups @DSOFLAGS@
DSOLIBS = @DSOLIBS@ $(COMMONLIBS)
@@ -151,6 +152,7 @@ FONTS = @FONTS@
IMGLIBS = @IMGLIBS@
IMGFILTERS = @IMGFILTERS@
LAUNCHDLIBS = @LAUNCHDLIBS@
+SDLIBS = @SDLIBS@
LDFLAGS = -L../cgi-bin -L../cups -L../filter -L../ppdc \
-L../scheduler @LDARCHFLAGS@ \
@LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM)
@@ -267,6 +269,7 @@ PAMFILE = @PAMFILE@
DEFAULT_LAUNCHD_CONF = @DEFAULT_LAUNCHD_CONF@
DBUSDIR = @DBUSDIR@
+SYSTEMDUNITDIR = $(BUILDROOT)@systemdsystemunitdir@
#
--- scheduler/client.h.orig
+++ scheduler/client.h
@@ -75,6 +75,9 @@ typedef struct
int fd; /* File descriptor for this server */
http_addr_t address; /* Bind address of socket */
http_encryption_t encryption; /* To encrypt or not to encrypt... */
+#ifdef HAVE_SYSTEMD
+ int is_systemd; /* Is this a systemd socket? */
+#endif /* HAVE_SYSTEMD */
} cupsd_listener_t;
--- scheduler/dirsvc.c.orig
+++ scheduler/dirsvc.c
@@ -1457,7 +1457,7 @@ cupsdStartBrowsing(void)
}
}
- if (BrowseSocket >= 0)
+ if (BrowseSocket >= 0 && !BrowseSocketIsSystemd)
{
/*
* Bind the socket to browse port...
@@ -1501,13 +1501,17 @@ cupsdStartBrowsing(void)
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.",
strerror(errno));
+ if (!BrowseSocketIsSystemd)
+ {
#ifdef WIN32
- closesocket(BrowseSocket);
+ closesocket(BrowseSocket);
#else
- close(BrowseSocket);
+ close(BrowseSocket);
#endif /* WIN32 */
- BrowseSocket = -1;
+ BrowseSocket = -1;
+ }
+
BrowseLocalProtocols &= ~BROWSE_CUPS;
BrowseRemoteProtocols &= ~BROWSE_CUPS;
@@ -1820,15 +1824,22 @@ cupsdStopBrowsing(void)
if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_CUPS) &&
BrowseSocket >= 0)
{
- /*
- * Close the socket and remove it from the input selection set.
- */
+ if (!BrowseSocketIsSystemd)
+ {
+ /*
+ * Close the socket.
+ */
#ifdef WIN32
- closesocket(BrowseSocket);
+ closesocket(BrowseSocket);
#else
- close(BrowseSocket);
+ close(BrowseSocket);
#endif /* WIN32 */
+ }
+
+ /*
+ * Remove it from the input selection set.
+ */
cupsdRemoveSelect(BrowseSocket);
BrowseSocket = -1;
@@ -5146,11 +5157,14 @@ update_cups_browse(void)
strerror(errno));
cupsdLogMessage(CUPSD_LOG_ERROR, "CUPS browsing turned off.");
+ if (!BrowseSocketIsSystemd)
+ {
#ifdef WIN32
- closesocket(BrowseSocket);
+ closesocket(BrowseSocket);
#else
- close(BrowseSocket);
+ close(BrowseSocket);
#endif /* WIN32 */
+ }
cupsdRemoveSelect(BrowseSocket);
BrowseSocket = -1;
--- scheduler/dirsvc.h.orig
+++ scheduler/dirsvc.h
@@ -96,6 +96,8 @@ VAR int Browsing VALUE(TRUE),
/* Short names for remote printers? */
BrowseSocket VALUE(-1),
/* Socket for browsing */
+ BrowseSocketIsSystemd VALUE(0),
+ /* BrowseSocket is systemd-provided? */
BrowsePort VALUE(IPP_PORT),
/* Port number for broadcasts */
BrowseInterval VALUE(DEFAULT_INTERVAL),
--- scheduler/listen.c.orig
+++ scheduler/listen.c
@@ -401,7 +401,11 @@ cupsdStopListening(void)
lis;
lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
{
- if (lis->fd != -1)
+ if (lis->fd != -1
+#ifdef HAVE_SYSTEMD
+ && !lis->is_systemd
+#endif /* HAVE_SYSTEMD */
+ )
{
#ifdef WIN32
closesocket(lis->fd);
--- scheduler/main.c.orig
+++ scheduler/main.c
@@ -26,6 +26,8 @@
* launchd_checkin() - Check-in with launchd and collect the listening
* fds.
* launchd_checkout() - Update the launchd KeepAlive file as needed.
+ * systemd_checkin() - Check-in with systemd and collect the
+ * listening fds.
* parent_handler() - Catch USR1/CHLD signals...
* process_children() - Process all dead children...
* select_timeout() - Calculate the select timeout value.
@@ -62,6 +64,10 @@
# endif /* !LAUNCH_JOBKEY_SERVICEIPC */
#endif /* HAVE_LAUNCH_H */
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif /* HAVE_SYSTEMD */
+
#if defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO)
# include <malloc.h>
#endif /* HAVE_MALLOC_H && HAVE_MALLINFO */
@@ -78,6 +84,9 @@
static void launchd_checkin(void);
static void launchd_checkout(void);
#endif /* HAVE_LAUNCHD */
+#ifdef HAVE_SYSTEMD
+static void systemd_checkin(void);
+#endif /* HAVE_SYSTEMD */
static void parent_handler(int sig);
static void process_children(void);
static void sigchld_handler(int sig);
@@ -519,6 +528,13 @@ main(int argc, /* I - Number of comm
}
#endif /* HAVE_LAUNCHD */
+#ifdef HAVE_SYSTEMD
+ /*
+ * If we were started by systemd get the listen sockets file descriptors...
+ */
+ systemd_checkin();
+#endif /* HAVE_SYSTEMD */
+
/*
* Startup the server...
*/
@@ -730,6 +746,15 @@ main(int argc, /* I - Number of comm
}
#endif /* HAVE_LAUNCHD */
+#ifdef HAVE_SYSTEMD
+ /*
+ * If we were started by systemd get the listen sockets file
+ * descriptors...
+ */
+
+ systemd_checkin();
+#endif /* HAVE_SYSTEMD */
+
/*
* Startup the server...
*/
@@ -1535,6 +1560,147 @@ launchd_checkout(void)
}
#endif /* HAVE_LAUNCHD */
+#ifdef HAVE_SYSTEMD
+static void
+systemd_checkin(void)
+{
+ int n, fd;
+
+ n = sd_listen_fds(0);
+ if (n < 0)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Failed to acquire sockets from systemd - %s",
+ strerror(-n));
+ exit(EXIT_FAILURE);
+ return;
+ }
+
+ if (n == 0)
+ return;
+
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
+ {
+ http_addr_t addr;
+ socklen_t addrlen = sizeof (addr);
+ int r;
+ cupsd_listener_t *lis;
+ char s[256];
+
+ r = sd_is_socket(fd, AF_UNSPEC, SOCK_STREAM, 1);
+ if (r < 0)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Unable to verify socket type - %s",
+ strerror(-r));
+ continue;
+ }
+
+ if (!r)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "Browsing=%d", Browsing);
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "BrowseLocalProtocols=%x", BrowseLocalProtocols);
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "BrowseRemoteProtocols=%x", BrowseRemoteProtocols);
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "BROWSE_CUPS=%x", BROWSE_CUPS);
+ if (Browsing &&
+ ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_CUPS))
+ {
+ r = sd_is_socket(fd, AF_UNSPEC, SOCK_DGRAM, 0);
+ if (r < 0)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Unable to verify socket type - %s",
+ strerror(-r));
+ continue;
+ }
+
+ if (r)
+ {
+ /*
+ * This is the browse socket.
+ */
+
+ char addrstr[256];
+ if (getsockname(fd, (struct sockaddr*) &addr, &addrlen))
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Unable to get local address - %s",
+ strerror(errno));
+ continue;
+ }
+
+ httpAddrString (&addr, addrstr, sizeof (addrstr));
+ BrowseSocket = fd;
+ BrowseSocketIsSystemd = 1;
+ cupsdLogMessage(CUPSD_LOG_DEBUG,
+ "systemd_checkin: Matched browse (port %d) with fd %d:%s...",
+ BrowsePort, fd, addrstr);
+ continue;
+ }
+
+ }
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Socket not of the right type");
+ continue;
+ }
+
+ if (getsockname(fd, (struct sockaddr*) &addr, &addrlen))
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Unable to get local address - %s",
+ strerror(errno));
+ continue;
+ }
+
+ /*
+ * Try to match the systemd socket address to one of the listeners...
+ */
+
+ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
+ lis;
+ lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
+ if (httpAddrEqual(&lis->address, &addr))
+ break;
+
+ if (lis)
+ {
+ cupsdLogMessage(CUPSD_LOG_DEBUG,
+ "systemd_checkin: Matched existing listener %s with fd %d...",
+ httpAddrString(&(lis->address), s, sizeof(s)), fd);
+ }
+ else
+ {
+ cupsdLogMessage(CUPSD_LOG_DEBUG,
+ "systemd_checkin: Adding new listener %s with fd %d...",
+ httpAddrString(&addr, s, sizeof(s)), fd);
+
+ if ((lis = calloc(1, sizeof(cupsd_listener_t))) == NULL)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "systemd_checkin: Unable to allocate listener - "
+ "%s.", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+ cupsArrayAdd(Listeners, lis);
+
+ memcpy(&lis->address, &addr, sizeof(lis->address));
+ }
+
+ lis->fd = fd;
+ lis->is_systemd = 1;
+
+# ifdef HAVE_SSL
+ if (_httpAddrPort(&(lis->address)) == 443)
+ lis->encryption = HTTP_ENCRYPT_ALWAYS;
+# endif /* HAVE_SSL */
+ }
+}
+#endif /* HAVE_SYSTEMD */
/*
* 'parent_handler()' - Catch USR1/CHLD signals...
--- scheduler/Makefile.orig
+++ scheduler/Makefile
@@ -379,7 +379,7 @@ cupsd: $(CUPSDOBJS) $(LIBCUPSMIME) ../cu
$(CC) $(LDFLAGS) -o cupsd $(CUPSDOBJS) -L. -lcupsmime \
$(LIBZ) $(SSLLIBS) $(LIBSLP) $(LIBLDAP) $(PAMLIBS) \
$(LIBPAPER) $(LIBMALLOC) $(SERVERLIBS) $(DNSSDLIBS) $(LIBS) \
- $(LIBGSSAPI) $(LIBWRAP)
+ $(LIBGSSAPI) $(LIBWRAP) $(SDLIBS)
cupsd-static: $(CUPSDOBJS) libcupsmime.a ../cups/$(LIBCUPSSTATIC)
echo Linking $@...
@@ -387,7 +387,7 @@ cupsd-static: $(CUPSDOBJS) libcupsmime.a
$(LIBZ) $(SSLLIBS) $(LIBSLP) $(LIBLDAP) $(PAMLIBS) \
../cups/$(LIBCUPSSTATIC) $(COMMONLIBS) $(LIBZ) $(LIBPAPER) \
$(LIBMALLOC) $(SERVERLIBS) $(DNSSDLIBS) $(LIBGSSAPI) \
- $(LIBWRAP)
+ $(LIBWRAP) $(SDLIBS)
#